
G42
Security Engineer - DFIR Lab
- Permanent
- Abu Dhabi, United Arab Emirates
- Experience 5 - 10 yrs
Job expiry date: 31/05/2026
Job overview
- Date posted: 16/04/2026
- Location: Abu Dhabi, United Arab Emirates
- Salary: Undisclosed
Job description
The Security Engineer - DFIR Lab at CPX in Abu Dhabi is responsible for managing and maintaining the Digital Forensics and Incident Response (DFIR) Lab infrastructure, hardware, software, processes, and documentation. The role supports cyber incident response engagements by ensuring availability and performance of forensic infrastructure and tools.
Responsibilities include maintaining DFIR lab hardware and software systems, managing asset inventory, supporting license renewals, purchases, and budgeting activities, and deploying and configuring forensic and incident response tools including EnCase, Magnet Axiom, FTK, Cellebrite, THOR, Velociraptor, KAPE, IDA Pro, Security Onion, and FTK Imager. The role involves configuring forensic workstations, laptops, war laptops, servers, and storage systems while ensuring adherence to security, privacy, and data integrity standards. The Security Engineer implements access controls, logging, audit trails, and monitoring solutions, evaluates and tests new technologies, and develops automation scripts to streamline workflows. The position contributes to SOP creation, process documentation, lab configuration documentation, and forensic tool usage guidelines.
The role collaborates with customers to deploy hardware and software for incident response and forensic engagements and executes lab tasks supporting cyber incident investigations. The position requires expertise in EDR, NDR, forensic artifact collectors, intrusion detection systems, security monitoring, log management, evidence management, and data acquisition. Additional technical responsibilities include managing Linux environments, networking devices such as switches, routers, and firewalls, storage systems including NAS, virtualization platforms including VMware ESXi and Nutanix, server and desktop operating systems including Windows, Linux/Unix, and Mac, baseline system configurations, and cloud-based environments.
The role operates within DFIR lab environments and requires experience handling digital forensic equipment such as write blockers, specialized cables, adapters, connectors, forensic workstations, and forensic laptops.
Required skills
Key responsibilities
- Manage and maintain the DFIR Lab infrastructure including hardware, software, servers, storage systems, forensic workstations, and laptops to ensure availability and performance for digital forensics and incident response engagements
- Deploy, configure, and maintain digital forensics and incident response tools including EnCase, Magnet Axiom, FTK, Cellebrite, THOR, Velociraptor, KAPE, IDA Pro, Security Onion, and FTK Imager while optimizing lab environments
- Maintain asset inventory, manage licensing renewals, support procurement activities, and contribute to budgeting for DFIR lab infrastructure and tools
- Implement security controls including access controls, logging, monitoring, and audit trails to ensure adherence to security, privacy, and data integrity standards
- Configure and optimize forensic workstations, war laptops, servers, storage systems, and networking devices including switches, routers, firewalls, and NAS storage systems
- Develop scripts and automation tools to streamline workflows, enhance efficiency, and improve operational processes within the DFIR lab environment
- Create and maintain SOPs, process documentation, forensic procedures, lab configurations, and tool usage guidelines while supporting continuous service improvement initiatives
- Collaborate with customers and incident response teams to deploy hardware and software, support cyber incident response engagements, and execute DFIR lab operational tasks
Experience & skills
- Demonstrate a minimum of 5 years of experience working in technical lab, data center, DFIR, or system engineering environments with hands-on experience in scalable technical infrastructure
- Possess proficiency in Digital Forensics and Incident Response tools including EnCase, Magnet Axiom, FTK, Cellebrite, THOR, Velociraptor, KAPE, IDA Pro, Security Onion, and FTK Imager
- Demonstrate understanding of Incident Response technologies including EDR, NDR, intrusion detection, security monitoring, forensic artifact collectors, and log management
- Show experience with digital forensics equipment including write blockers, adapters, connectors, forensic workstations, forensic laptops, and specialized cables
- Demonstrate experience with Linux systems, networking devices including switches, routers and firewalls, and storage systems including NAS
- Possess experience with virtualization platforms including VMware ESXi and knowledge of Nutanix or other virtualization technologies
- Demonstrate familiarity with server and desktop operating systems including Windows, Linux/Unix, and Mac and experience managing cloud-based environments
- Hold relevant certifications in Digital Forensics, Incident Response, Cloud Computing, Linux or Windows Administration, or Security Engineering, such as CCE, CHFI, GCFE, INE Security, Microsoft, Azure, VMware, or Red Hat certifications